Question:
How can a Go function be made to mimic the behavior of PHP's crypt() function for specific input strings, where PHP's crypt() with CRYPT_BLOWFISH evaluation results in true?
Attempts and Expected Result:
Attempts have been made to achieve this, but without success:
The desired outcome is for a Go crypt() function to correctly evaluate the strings "enter-new-password" and "$2a$09$f5561d2634fb28a969f2dO8QeQ70f4bjCnF/.GvPpjj.8jgmtzZP2" to true, like PHP's crypt().
Solution:
While an exact PHP crypt() equivalent in Go couldn't be found, an alternative solution was implemented:
<code class="go">import "golang.org/x/crypto/bcrypt"
check := bcrypt.CompareHashAndPassword([]byte("a$f5561d2634fb28a969f2dO8QeQ70f4bjCnF/.GvPpjj.8jgmtzZP2"), []byte("enter-new-password"))
if check == nil {
fmt.Println("Passwords match")
} else {
fmt.Println("Passwords don't match")
}</code>This approach utilizes the golang.org/x/crypto/bcrypt module to compare the provided password with the stored hash value. The CompareHashAndPassword() function returns nil if the passwords match and an error otherwise.
Additional Notes:
It's important to note that PHP's crypt function offers multiple hashing algorithms, including sha256, sha512, and blowfish. In Go, different modules are often necessary to handle specific algorithms. In this case, the blowfish type hashing used in the PHP example is not natively supported by any of the Go modules attempted. Therefore, the bcrypt module was used instead.
The above is the detailed content of How to Achieve PHP\'s crypt() Function Equivalence for CRYPT_BLOWFISH in Go?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
